From 24fb60d714e5c6dc3ad3dec1295b871e196cfa98 Mon Sep 17 00:00:00 2001
From: Amit Gupta
Date: Thu, 10 Aug 2017 21:51:38 +0530
Subject: [PATCH] Bug 19078 - XSS Flaws in System preferences

1. Hit /cgi-bin/koha/admin/preferences.pl
2. Enter in search system preferences box.
3. Notice the java script is executed.
4. Apply patch.
5. Reload page, and enter in search system preferences box.
6. Notice it is no longer executed.

Signed-off-by: Chris Cormack
Signed-off-by: Marcel de Rooy
Signed-off-by: Jonathan Druart
(cherry picked from commit b7bb60d76041bf00f6a28fe3a55ecc2c7912a275)
Signed-off-by: Fridolin Somers
---
 koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt
index 28ccddcff0..ed2aa03547 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences.tt
@@ -31,7 +31,7 @@
 });
 });
 // This is here because of its dependence on template variables, everything else should go in js/pages/preferences.js - jpw
- var to_highlight = "[% searchfield |replace("'", "\'") |replace('"', '\"') |replace('\n', '\\n') |replace('\r', '\\r') %]";
+ var to_highlight = "[% searchfield |replace("'", "\'") |replace('"', '\"') |replace('\n', '\\n') |replace('\r', '\\r') |html %]";
 var search_jumped = [% IF ( search_jumped ) %]true[% ELSE %]false[% END %];
 var MSG_NOTHING_TO_SAVE = _("Nothing to save");
 var MSG_SAVING = _("Saving...");
-- 
2.39.2
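Review bot: The `|html` filter on the new `to_highlight` line entity-encodes a value that lands inside a JavaScript string literal, so a search term containing `&`, `<`, `>` or a quote reaches the script as `&amp;`, `&lt;`, `&quot;` and the client-side highlight then compares against text that no longer matches what the user typed. It is still the right direction for the security point: the backslash `replace` chain on the old line never touched `<`, so a `</script>` sequence in `searchfield` could end the script block, and `|html` is what closes that. For a value in JS-string context, emitting it as a JSON-encoded string literal (with `<`, `>` and `&` as `\u00XX` escapes) would both stop the breakout and keep the literal text, if the template stack offers such a filter; otherwise the page's highlight code should decode entities before matching. A comment on the line would keep the next editor from dropping the filter as redundant with the quote replaces, e.g. `// |html must stay last: it neutralises </script> breakout, which the quote/newline replaces do not cover`. The enclosing `<script>` block starts and ends outside the hunk.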